diff options
author | David Kalnischkies <kalnischkies@gmail.com> | 2010-06-08 19:27:49 +0200 |
---|---|---|
committer | David Kalnischkies <kalnischkies@gmail.com> | 2010-06-08 19:27:49 +0200 |
commit | 1ddb859611d2e0f3d9ea12085001810f689e8c99 (patch) | |
tree | 87399568a61da4d8bdd3b08bdc168462925ee1c4 | |
parent | 6dd8400ca787ef832d87121f304f98ad152dc3a6 (diff) |
* apt-pkg/indexrecords.cc:
- backport forgotten Valid-Until patch from the obsolete experimental
branch to prevent replay attacks better, thanks to Thomas Viehmann
for the initial patch! (Closes: #499897)
-rw-r--r-- | apt-pkg/acquire-item.cc | 12 | ||||
-rw-r--r-- | apt-pkg/indexrecords.cc | 38 | ||||
-rw-r--r-- | apt-pkg/indexrecords.h | 4 | ||||
-rw-r--r-- | debian/changelog | 4 | ||||
-rwxr-xr-x | test/pre-upload-check.py | 14 | ||||
-rw-r--r-- | test/testsources.list/sources.list.all-validuntil-broken | 1 |
6 files changed, 70 insertions, 3 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc index c035b9163..4a846804e 100644 --- a/apt-pkg/acquire-item.cc +++ b/apt-pkg/acquire-item.cc @@ -33,6 +33,7 @@ #include <string> #include <sstream> #include <stdio.h> +#include <ctime> /*}}}*/ using namespace std; @@ -1177,6 +1178,15 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) /*{{{*/ Transformed = ""; } + if (_config->FindB("Acquire::Check-Valid-Until", true)) { + if (MetaIndexParser->GetValidUntil() > 0 && + time(NULL) > MetaIndexParser->GetValidUntil()) { + return _error->Error(_("Release file expired, ignoring %s (valid until %s)"), + RealURI.c_str(), + TimeRFC1123(MetaIndexParser->GetValidUntil()).c_str()); + } + } + if (_config->FindB("Debug::pkgAcquire::Auth", false)) { std::cerr << "Got Codename: " << MetaIndexParser->GetDist() << std::endl; @@ -1194,7 +1204,7 @@ bool pkgAcqMetaIndex::VerifyVendor(string Message) /*{{{*/ // return false; if (!Transformed.empty()) { - _error->Warning("Conflicting distribution: %s (expected %s but got %s)", + _error->Warning(_("Conflicting distribution: %s (expected %s but got %s)"), Desc.Description.c_str(), Transformed.c_str(), MetaIndexParser->GetDist().c_str()); diff --git a/apt-pkg/indexrecords.cc b/apt-pkg/indexrecords.cc index 1fc27b1a1..24ed02ba5 100644 --- a/apt-pkg/indexrecords.cc +++ b/apt-pkg/indexrecords.cc @@ -7,8 +7,11 @@ #include <apt-pkg/tagfile.h> #include <apt-pkg/error.h> #include <apt-pkg/strutl.h> +#include <apt-pkg/configuration.h> #include <apti18n.h> #include <sys/stat.h> +#include <clocale> + /*}}}*/ string indexRecords::GetDist() const { @@ -26,6 +29,11 @@ string indexRecords::GetExpectedDist() const return this->ExpectedDist; } +time_t indexRecords::GetValidUntil() const +{ + return this->ValidUntil; +} + const indexRecords::checkSum *indexRecords::Lookup(const string MetaKey) { return Entries[MetaKey]; @@ -82,7 +90,33 @@ bool indexRecords::Load(const string Filename) /*{{{*/ return false; } - string Strdate = Section.FindS("Date"); // FIXME: verify this somehow? + string Label = Section.FindS("Label"); + string StrDate = Section.FindS("Date"); + string StrValidUntil = Section.FindS("Valid-Until"); + + // if we have a Valid-Until header, use it + if (!StrValidUntil.empty()) + { + // set ValidUntil based on the information in the Release file + if(!StrToTime(StrValidUntil, ValidUntil)) + { + ErrorText = _(("Invalid 'Valid-Until' entry in Release file " + Filename).c_str()); + return false; + } + } else { + // if we don't have a valid-until string, check if we have a default + if (!Label.empty()) + { + int MaxAge = _config->FindI(string("apt::acquire::max-default-age::"+Label).c_str(),0); + if(MaxAge > 0 && !StrToTime(StrDate, ValidUntil)) + { + ErrorText = _(("Invalid 'Date' entry in Release file " + Filename).c_str()); + return false; + } + ValidUntil += 24*60*60*MaxAge; + } + } + return true; } /*}}}*/ @@ -160,6 +194,6 @@ indexRecords::indexRecords() } indexRecords::indexRecords(const string ExpectedDist) : - ExpectedDist(ExpectedDist) + ExpectedDist(ExpectedDist), ValidUntil(0) { } diff --git a/apt-pkg/indexrecords.h b/apt-pkg/indexrecords.h index 468d2bd0f..500cf23c4 100644 --- a/apt-pkg/indexrecords.h +++ b/apt-pkg/indexrecords.h @@ -12,6 +12,7 @@ #include <map> #include <vector> +#include <ctime> class indexRecords { @@ -25,6 +26,8 @@ class indexRecords string Dist; string Suite; string ExpectedDist; + time_t ValidUntil; + std::map<string,checkSum *> Entries; public: @@ -38,6 +41,7 @@ class indexRecords virtual bool Load(string Filename); string GetDist() const; + time_t GetValidUntil() const; virtual bool CheckDist(const string MaybeDist) const; string GetExpectedDist() const; virtual ~indexRecords(){}; diff --git a/debian/changelog b/debian/changelog index 3771ca415..d8fb57757 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,10 @@ apt (0.7.26~exp5) experimental; urgency=low [ David Kalnischkies ] + * apt-pkg/indexrecords.cc: + - backport forgotten Valid-Until patch from the obsolete experimental + branch to prevent replay attacks better, thanks to Thomas Viehmann + for the initial patch! (Closes: #499897) * cmdline/apt-get.cc: - rerun dpkg-source in source if --fix-broken is given (Closes: #576752) - don't suggest held packages as they are installed (Closes: #578135) diff --git a/test/pre-upload-check.py b/test/pre-upload-check.py index 268b3d672..e2dfecbd3 100755 --- a/test/pre-upload-check.py +++ b/test/pre-upload-check.py @@ -95,6 +95,20 @@ class testAuthentication(unittest.TestCase): self.assert_(len(glob.glob("/var/lib/apt/lists/partial/*")) == 0, "partial/ dir has leftover files: %s" % glob.glob("/var/lib/apt/lists/partial/*")) + def testValid(self): + for f in glob.glob("testsources.list/sources.list*validuntil*"): + self._cleanup() + (prefix, testtype, result) = f.split("-") + expected_res = self._expectedRes(result) + cmd = ["update"] + res = call([self.apt,"-o","Dir::Etc::sourcelist=./%s" % f]+cmd+apt_args, + stdout=stdout, stderr=stderr) + self.assert_(res == expected_res, + "test '%s' failed (got %s expected %s" % (f,res,expected_res)) + if expected_res == 0: + self.assert_(len(glob.glob("/var/lib/apt/lists/partial/*")) == 0, + "partial/ dir has leftover files: %s" % glob.glob("/var/lib/apt/lists/partial/*")) + class testLocalRepositories(unittest.TestCase): " test local repository regressions " diff --git a/test/testsources.list/sources.list.all-validuntil-broken b/test/testsources.list/sources.list.all-validuntil-broken new file mode 100644 index 000000000..bab59bb81 --- /dev/null +++ b/test/testsources.list/sources.list.all-validuntil-broken @@ -0,0 +1 @@ +deb http://people.ubuntu.com/~mvo/apt/auth-test-suit/all-validuntil-broken/ / |